EP1496664A3 - System, method and security module for securing the access of a user to at least one automation component of an automation system - Google Patents
System, method and security module for securing the access of a user to at least one automation component of an automation system Download PDFInfo
- Publication number
- EP1496664A3 EP1496664A3 EP04016223A EP04016223A EP1496664A3 EP 1496664 A3 EP1496664 A3 EP 1496664A3 EP 04016223 A EP04016223 A EP 04016223A EP 04016223 A EP04016223 A EP 04016223A EP 1496664 A3 EP1496664 A3 EP 1496664A3
- Authority
- EP
- European Patent Office
- Prior art keywords
- automation
- security module
- access
- securing
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for authentication of entities
- H04L63/0807—Network architectures or network communication protocols for network security for authentication of entities using tickets, e.g. Kerberos
Abstract
Für einen sicheren Schutz eines privaten Netzes vor unberechtigtem Zugriff z. B. aus einem Büronetz umfasst erfindungsgemäß eine Vorrichtung (1) zur Sicherung eines Datenzugriffs eines Kommunikationsteilnehmers (2) auf mindestens eine Automatisierungskomponente (4) eines Automatisierungssystems (6) innerhalb eines Automatisierungsnetzes (7) ein Sicherheitsmodul (14) mit mindestens einem Filter (16a bis 16z) zur Überwachung und Prüfung einer Kommunikationsanfrage (K), wobei in einem ersten Filter (16a) anhand eines der Kommunikationsanfrage (K) zugeordneten, gesicherten Authentifikationszeichens (T) zwischen dem Kommunikationsteilnehmer (2) und dem Sicherheitsmodul (14) ein authentifizierter Datenverkehr aufgebaut wird, in welchem eine der Kommunikationsanfrage (K) zugrunde liegende Datenübertragung in Abhängigkeit des Prüfungsergebnisses freigeschaltet oder gesperrt wird. For a secure protection of a private network against unauthorized access z. B. from an office network according to the invention comprises a device (1) for securing a data access of a communication subscriber (2) on at least one automation component (4) of an automation system (6) within an automation network (7) a security module (14) with at least one filter (16a to 16z) for monitoring and checking a communication request (K), wherein in a first filter (16a) based on one of the communication request (K) associated, secured authentication sign (T) between the communication subscriber (2) and the security module (14) an authenticated data traffic is set up in which one of the communication request (K) underlying data transmission is enabled or disabled depending on the test result.
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
DE10331307 | 2003-07-10 | ||
DE2003131307 DE10331307A1 (en) | 2003-07-10 | 2003-07-10 | Device and method and security module for securing a data access of a communication subscriber to at least one automation component of an automation system |
Publications (2)
Publication Number | Publication Date |
---|---|
EP1496664A2 EP1496664A2 (en) | 2005-01-12 |
EP1496664A3 true EP1496664A3 (en) | 2008-12-10 |
Family
ID=33441710
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
EP04016223A Ceased EP1496664A3 (en) | 2003-07-10 | 2004-07-09 | System, method and security module for securing the access of a user to at least one automation component of an automation system |
Country Status (2)
Country | Link |
---|---|
EP (1) | EP1496664A3 (en) |
DE (1) | DE10331307A1 (en) |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
DE102005035697A1 (en) * | 2005-07-27 | 2007-02-08 | Siemens Ag | Method for establishing a direct cross-network communication connection |
DE102005035698A1 (en) * | 2005-07-27 | 2007-02-08 | Fujitsu Siemens Computers Gmbh | Method for establishing a direct, cross-network and secure communication link |
WO2009027756A2 (en) | 2007-08-28 | 2009-03-05 | Abb Research Limited | Real-time communication security for automation networks |
US8863234B2 (en) * | 2008-08-06 | 2014-10-14 | The Boeing Company | Collaborative security and decision making in a service-oriented environment |
EP2159653B1 (en) * | 2008-09-02 | 2014-07-23 | Siemens Aktiengesellschaft | Method for assigning access authorisation to a computer-based object in an automation system, computer program and automation system |
EP2400708B1 (en) | 2010-06-22 | 2013-12-04 | Siemens Aktiengesellschaft | Network protection device |
EP2464059A1 (en) * | 2010-11-19 | 2012-06-13 | Siemens Aktiengesellschaft | Switch-network nodes for a communication network with integrated safety components |
DE102011106497B4 (en) * | 2011-06-15 | 2018-11-15 | Messer Cutting Systems Gmbh | System for remote maintenance or diagnosis of a computer-controlled flame cutting machine |
DE102013209914A1 (en) * | 2013-05-28 | 2014-12-04 | Siemens Aktiengesellschaft | Filtering a data packet by means of a network filter device |
EP3382976A1 (en) * | 2017-03-30 | 2018-10-03 | Siemens Aktiengesellschaft | Protective device, method and apparatus comprising a protection device for protecting a communication network associated with the device |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
EP1241850A2 (en) * | 2001-03-16 | 2002-09-18 | Kleinwort Benson Limited | A method and system to provide and manage secure access to internal computer systems from an external client |
US6463474B1 (en) * | 1999-07-02 | 2002-10-08 | Cisco Technology, Inc. | Local authentication of a client at a network device |
US20030084331A1 (en) * | 2001-10-26 | 2003-05-01 | Microsoft Corporation | Method for providing user authentication/authorization and distributed firewall utilizing same |
-
2003
- 2003-07-10 DE DE2003131307 patent/DE10331307A1/en not_active Ceased
-
2004
- 2004-07-09 EP EP04016223A patent/EP1496664A3/en not_active Ceased
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6463474B1 (en) * | 1999-07-02 | 2002-10-08 | Cisco Technology, Inc. | Local authentication of a client at a network device |
EP1241850A2 (en) * | 2001-03-16 | 2002-09-18 | Kleinwort Benson Limited | A method and system to provide and manage secure access to internal computer systems from an external client |
US20030084331A1 (en) * | 2001-10-26 | 2003-05-01 | Microsoft Corporation | Method for providing user authentication/authorization and distributed firewall utilizing same |
Also Published As
Publication number | Publication date |
---|---|
EP1496664A2 (en) | 2005-01-12 |
DE10331307A1 (en) | 2005-02-10 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
DE60220780T2 (en) | REMOTE NANNY FINGERPRINTS ON AN UNCERTAIN NETWORK | |
DE60223129T2 (en) | METHOD AND SYSTEM FOR SECURING A COMPUTER NETWORK AND PERSONAL IDENTIFICATION DEVICE USED FOR CONTROLLING NETWORK COMPONENT ACCESS | |
EP1496664A3 (en) | System, method and security module for securing the access of a user to at least one automation component of an automation system | |
EP1326469A3 (en) | Method and device for authenticating subscribers in a communications network | |
EP1521421A3 (en) | Layered security methods and apparatus in a gaming system environment | |
DE102015109057A1 (en) | Lock access to confidential vehicle diagnostic data | |
DE102006043363A1 (en) | System and method for collecting traffic data using sounding vehicles | |
WO2010026152A1 (en) | Method for granting authorization to access a computer-based object in an automation system, computer program, and automation system | |
EP1188151A1 (en) | Devices and methods for biometric authentication | |
EP1278332A3 (en) | Method and system for real time recording with security module | |
EP1126655A1 (en) | Method of hardware and software authentication in a network system | |
EP3767513B1 (en) | Method for secure execution of a remote signature, and security system | |
DE102017208551A1 (en) | Method for protecting a network from cyber attack | |
EP3734478A1 (en) | Method for allocating certificates, management system, use of same, technical system, system component and use of identity provider | |
EP4193567B1 (en) | Method for securely equipping a vehicle with an individual certificate | |
EP3518190A1 (en) | Method and device for multi-factor authentication | |
DE102013105727A1 (en) | Method for deactivating a security system | |
DE102017208545A1 (en) | Method for protecting a network from cyber attack | |
DE102011083828A1 (en) | Method for protection against plagiarism and arrangement for implementation | |
WO2005114945A1 (en) | Method for authenticating a communications unit while using a lasting programmed secret code word | |
DE102021001170A1 (en) | Method for securing access to a vehicle to be unlocked | |
EP2477352A2 (en) | verification of identification of Identity card data for customers handling | |
WO2011131365A1 (en) | Method for configuring an application for a terminal | |
EP1912406A3 (en) | Cryptographical calculations for VoIP connections | |
DE4131248A1 (en) | Testing terminal communicating with chip cards - using secret key and code algorithm stored in chip card and in terminal security module |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PUAI | Public reference made under article 153(3) epc to a published international application that has entered the european phase |
Free format text: ORIGINAL CODE: 0009012 |
|
AK | Designated contracting states |
Kind code of ref document: A2 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LI LU MC NL PL PT RO SE SI SK TR |
|
AX | Request for extension of the european patent |
Extension state: AL HR LT LV MK |
|
PUAL | Search report despatched |
Free format text: ORIGINAL CODE: 0009013 |
|
AK | Designated contracting states |
Kind code of ref document: A3 Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LI LU MC NL PL PT RO SE SI SK TR |
|
AX | Request for extension of the european patent |
Extension state: AL HR LT LV MK |
|
17P | Request for examination filed |
Effective date: 20081211 |
|
17Q | First examination report despatched |
Effective date: 20090128 |
|
AKX | Designation fees paid |
Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LI LU MC NL PL PT RO SE SI SK TR |
|
STAA | Information on the status of an ep patent application or granted ep patent |
Free format text: STATUS: THE APPLICATION HAS BEEN REFUSED |
|
18R | Application refused |
Effective date: 20090813 |